Lawmakers introduce bill designating $28 billion to secure state and local IT systems

Lawmakers introduce bill designating $28 billion to secure state and local IT systems
© iStock

A coalition of lawmakers in the House and Senate on Thursday introduced legislation to funnel federal funds into strengthening state and local information technology systems, following increased stress on these systems during the COVID-19 pandemic. 

The State and Local IT Modernization and Cybersecurity Act — sponsored in the House by Reps. Jim LangevinJames (Jim) R. LangevinLawmakers roll out legislation to defend pipelines against cyber threats Lawmakers introduce bill to protect critical infrastructure against cyberattacks Feds eye more oversight of pipelines after Colonial attack MORE (D-R.I.) and Mike GallagherMichael (Mike) John GallagherGOP lawmaker calls for Wuhan probe to 'prevent the next pandemic' Lawmakers introduce bill to protect critical infrastructure against cyberattacks Senate panel approves bill that would invest billions in tech MORE (R-Wis.) and in the Senate by Sen. Angus KingAngus KingSenators shed masks after CDC lifts mandate DC statehood bill picks up Senate holdout Senate panel deadlocks in vote on sweeping elections bill MORE (I-Maine) — would provide $28 billion in federal aid to state and local governments to help shore up older systems in the midst of the pandemic. 

These funds would be funneled through a “Public Health Emergency Information Technology Grant Program” that would address immediate challenges to IT systems during the coronavirus pandemic, and a “Modernizing Information Technology Program” to purchase new and more secure platforms. 


The bill was introduced after recommendations by the Cyberspace Solarium Commission (CSC), a bipartisan group established by Congress, that released a report in March detailing ways to secure the U.S. against debilitating cyberattacks. 

Langevin, a member of the CSC and the co-chair of the Congressional Cybersecurity Caucus, said in a statement that the COVID-19 pandemic had made clear the negative impact of legacy IT systems on state and local governments. 

“We need immediate investments to ensure state and local employees can safely work remotely, and we need IT modernization strategies to ensure that essential services, like unemployment insurance, can be provided to Americans in need,” Langevin said. 

King and Gallagher, the co-chairs of the CSC, also cited the legislation as essential for state and local governments during the pandemic. 

“This legislation will help our states and localities update their systems, which will improve their security and provide the added benefit of helping state and local governments operate more efficiently in the digital age,” King said in a statement. “It’s necessary for our security, and it will strengthen online services for the American people – a win-win, and one I’m proud to introduce with Representatives Langevin and Gallagher.”


"Outdated legacy systems not only threaten state and local governments' ability to deliver critical services, but can also expose sensitive data to cyber threats," Gallagher said in a separate statement. "An ounce of prevention is worth a pound of cure, and modernizing IT infrastructure is an important step towards ensuring our country is well-defended in cyberspace across all levels of government.”

Other House co-sponsors of the legislation include Rep. Cedric RichmondCedric RichmondCarter sworn in as House member to replace Richmond, padding Democrats' majority Biden set to flex clemency powers Democrats confront difficult prospects for midterms MORE (D-La.), the chairman of the House Homeland Security’s cybersecurity subcommittee, and Reps. Will HurdWilliam Ballard HurdWill the real Lee Hamiltons and Olympia Snowes please stand up? The Hill's Morning Report - Presented by Facebook - Biden, Congress drawn into pipeline cyberattack, violence in Israel Pence autobiography coming from Simon & Schuster MORE (R-Texas), Dutch RuppersbergerCharles (Dutch) Albert RuppersbergerHouse lawmakers roll out bill to invest 0 million in state and local cybersecurity House approves cyber funds in relief package as officials press for more Maryland lawmakers ask Biden to honor Capital Gazette shooting victims with Presidential Medal of Freedom MORE (D-Md.), Michael McCaulMichael Thomas McCaulHouse lawmakers roll out bill to invest 0 million in state and local cybersecurity Asian American lawmakers say State's 'assignment restrictions' discriminate Senate Intelligence panel working on legislation around mandatory cyber breach notification MORE (R-Texas), Max RoseMax RoseOvernight Defense: Austin takes helm at Pentagon | COVID-19 briefing part of Day 1 agenda | Outrage over images of National Guard troops in parking garage Austin sworn in as nation's first Black Pentagon chief We lost in November — we're proud we didn't take corporate PAC money MORE (D-N.Y.), and Don Bacon (R-Neb.). 

The bill builds on legislation previously introduced by Richmond that would provide state and local authorities with the funding and resources to address cyber threats and vulnerabilities.

State and local IT officials have faced increasing challenges during the pandemic, as more activities and business has moved online at the same time that budgets have dried up. 

Doug Robinson, the executive director of the National Association of State Chief Information Officers (NASCIO), said in a statement Thursday that the new legislation was “sincerely appreciated.”


“As states are charged with administering critically important federal programs and benefits, this legislation aims to make significant investments in modernizing state and local IT infrastructure,” Robinson said.

NASCIO was among a coalition of groups that sent a letter to congressional leaders in April asking for funds to address cyber and IT infrastructure needs during the pandemic.  

“This surge on our information technology infrastructure requires additional investment in both funding and manpower to keep up with the massive usage,” the groups wrote. “Additionally, malicious cyber actors have used attention on COVID-19 to their advantage, further targeting government infrastructure, the healthcare sector, and individual citizens for internet crimes, such as ransomware, phishing, and computer-enabled financial fraud.”

Lawmakers and state officials had lobbied for more federal resources even before the pandemic, particularly following a year in which ransomware cyberattacks brought the governments of Baltimore and New Orleans, among other government groups, temporarily to their knees.